<?php
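// Request-wide timestamp used by Login() and CheckLogin() below, so that every
// comparison within one request sees the same "now".
// The constant name must be passed as a string: the bare token _TIME is itself a
// constant lookup, which raises an Error on PHP 8 while the constant is
// undefined and tests the wrong name once it is defined.
if (!defined('_TIME'))
{
	define('_TIME', time());
}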


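/**
 * Insert a new row into tblaccount and return its id.
 *
 * Column mapping taken from the INSERT below: $username -> cName,
 * $PrimaryEmail -> cEmail, $SecondaryEmail -> cEmail2, $CompanyName -> cCompany,
 * $Address1..3 -> cAddress..cAddress3, $Town -> cCity, $County -> cState,
 * $PostCode -> cZipCode, $CountryCode -> cCountry, $Gender -> iGender,
 * $status -> iStatus. iGroupId is always written as 0 and cInfo as ''.
 *
 * NOTE(review): every string argument is interpolated into the SQL text as-is.
 * Nothing in this function escapes them, so it depends on the caller (or on
 * $dbsql->query()) having done so. Confirm, and switch to bound parameters if
 * the $dbsql wrapper offers them.
 * NOTE(review): the password is stored as gpc_Md5($password). gpc_Md5() is
 * defined elsewhere; if it is an unsalted or statically salted MD5, the stored
 * values are cheap to brute-force. Moving to password_hash()/password_verify()
 * needs a coordinated change in CheckPassword(), UpdatePassword(),
 * UpdateAccount() and Login().
 *
 * @return int The new iAccountId, or 0 when $PrimaryEmail is empty or the
 *             query reports failure.
 */
function InsertAccount($FirstName,$LastName,$username,$password,$PrimaryEmail,$SecondaryEmail,$CompanyName,$Address1,$Address2,$Address3,$Town,
	$County,$PostCode,$CountryCode,$HomePhone,$WorkPhone,$MobilePhone,$FaxNumber,$dBirthday='',$Gender=-2,$status=0)
{
global $dbsql;

	// An account without a primary e-mail is rejected before anything is hashed or written.
	if(empty($PrimaryEmail))return 0;

	$GroupId	=	0;
	$addition	=	'';
	// NOTE(review): $datereg was never assigned in the original, so dEntryDate has
	// always been written as ''. It is made explicit here to stop the
	// undefined-variable warning; the date format the column expects is not
	// visible in this file, so the value itself is left unchanged.
	$datereg	=	'';
	// iGender is written unquoted by UpdateAccount() and iStatus is compared with
	// integers in Login(), so both are forced to integers before they reach the SQL text.
	$Gender		=	(int)$Gender;
	$status		=	(int)$status;
	$password	=	gpc_Md5($password);

	$sql_insert = "INSERT INTO tblaccount 
			(cName,cPassword,cFirstName,cLastName,dBirthday,cEmail,cEmail2,cCompany,
			 cAddress,cAddress2,cAddress3,cCity,cState,cZipCode,cCountry,iGender,
			 cMobiPhone,cHomePhone,cWorkPhone,cFax,iStatus,dEntryDate,iGroupId,cInfo) 
			 VALUES 
			('$username','$password','$FirstName','$LastName','$dBirthday','$PrimaryEmail','$SecondaryEmail','$CompanyName',
			 '$Address1','$Address2','$Address3','$Town','$County','$PostCode','$CountryCode','$Gender',
			 '$MobilePhone','$HomePhone','$WorkPhone','$FaxNumber','$status','$datereg',$GroupId,'$addition')";
	$rs=$dbsql->query($sql_insert,true);
	if($rs)return $dbsql->insert_id();
	return 0;
}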

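/**
 * Update the profile columns of one account.
 *
 * cEmail, dBirthday and cPassword are only written when the corresponding
 * argument is non-empty; iGender is only written when $Gender is numeric and
 * not the -2 sentinel. All other columns are always overwritten.
 *
 * $idAccount and $Gender are placed in the SQL text without quotes, so both are
 * forced to integers here. A non-numeric value can then no longer extend the
 * statement or widen the WHERE clause.
 *
 * NOTE(review): the string arguments are interpolated into the SQL text as-is.
 * Nothing in this function escapes them, so it depends on the caller (or on
 * $dbsql->query()) having done so. Confirm, and switch to bound parameters if
 * the $dbsql wrapper offers them.
 * NOTE(review): the password is stored as gpc_Md5($password); see the helper's
 * definition. A plain MD5 is not a suitable password hash.
 *
 * @return mixed Whatever $dbsql->query() returns for the UPDATE.
 */
function UpdateAccount($idAccount,$FirstName,$LastName,$password,$cEmail,$SecondaryEmail,$CompanyName,
	$Address1,$Address2,$Address3,$cCity,
	$cState,$cZipCode,$cCountry,$HomePhone,$WorkPhone,$MobilePhone,$FaxNumber,$dBirthday='',$Gender=-2)
{
global $dbsql;

	// Unquoted in the WHERE clause below, so it must be a plain integer.
	$idAccount = (int)$idAccount;

	$sql_update="UPDATE tblaccount SET
				cFirstName	 = '$FirstName',
				cLastName	 = '$LastName',
				cEmail2		 = '$SecondaryEmail',
				cCompany	 = '$CompanyName',
				cAddress	 = '$Address1',
				cAddress2	 = '$Address2',
				cAddress3	 = '$Address3',
				cCity		 = '$cCity',
				cState		 = '$cState',
				cZipCode	 = '$cZipCode',
				cCountry	 = '$cCountry',
				cMobiPhone	 = '$MobilePhone',
				cHomePhone	 = '$HomePhone',
				cWorkPhone	 = '$WorkPhone',";
	if(!empty($cEmail))
	{
		$sql_update.=" cEmail		 = '$cEmail',";
	}
	if(!empty($dBirthday))
	{
		$sql_update.=" dBirthday	 = '$dBirthday',";
	}
	if(!empty($password))
	{
		$password	= gpc_Md5($password);
		$sql_update.= " cPassword = '$password', ";
	}
	// -2 means "leave gender unchanged". Non-numeric input ('' or null included)
	// is treated the same way instead of producing a broken statement.
	if(is_numeric($Gender) && (int)$Gender !== -2)
	{
		$sql_update.= " iGender = ".(int)$Gender.", ";
	}
	$sql_update.="cFax		 = '$FaxNumber'
			WHERE iAccountId=$idAccount";
	$rs=$dbsql->query($sql_update,true);
	return $rs;
}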

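/**
 * Check whether $password is the current password of account $idAccount.
 *
 * The candidate is hashed with gpc_Md5() and matched against cPassword in SQL.
 * $idAccount is unquoted in the query, so it is forced to an integer first;
 * otherwise a crafted id could change which rows the WHERE clause matches.
 *
 * NOTE(review): gpc_Md5() is defined elsewhere. Its output is interpolated into
 * the query, which is safe only if it is always a fixed-alphabet digest —
 * confirm. A plain MD5 is not a suitable password hash.
 *
 * @return bool True when a row matches both the id and the hashed password.
 */
function CheckPassword($idAccount,$password)
{
global $dbsql;
	$idAccount	= (int)$idAccount;
	$password	= gpc_Md5($password);
	$sql_select	="select cPassword from tblaccount where iAccountId=$idAccount and cPassword='$password'";
	$rs=$dbsql->query($sql_select);
	return $dbsql->num_rows($rs)>0;
}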

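/**
 * Replace the stored password of account $idAccount.
 *
 * $idAccount is unquoted in the WHERE clause, so it is forced to an integer
 * first. Without that, a non-numeric value could make the UPDATE touch rows
 * other than the intended account.
 *
 * NOTE(review): this function does not verify the old password or the caller's
 * identity; that has to happen before it is called.
 * NOTE(review): the password is stored as gpc_Md5($password); gpc_Md5() is
 * defined elsewhere. A plain MD5 is not a suitable password hash.
 *
 * @return mixed Whatever $dbsql->query() returns for the UPDATE.
 */
function UpdatePassword($idAccount,$password)
{
	global $dbsql;
	$idAccount	= (int)$idAccount;
	$password	= gpc_Md5($password);
	$sql_update="UPDATE tblaccount SET
				cPassword = '$password'
			WHERE iAccountId=$idAccount";
	$rs=$dbsql->query($sql_update,true);
	return $rs;
}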

/**
 * Report whether an account with login name $username already exists.
 *
 * NOTE(review): $username is interpolated into the SQL text as-is. Nothing in
 * this function escapes it, so it depends on the caller (or on $dbsql->query())
 * having done so. Confirm, and prefer a bound parameter if the wrapper offers one.
 *
 * @return bool True when at least one row has cName equal to $username.
 */
function Checkuser($username)
{
global $dbsql,$language;

	$matches = $dbsql->query("select iAccountId from tblaccount where cName='$username'");

	return $dbsql->num_rows($matches) > 0;
}

/**
 * Report whether an account already uses $email as its primary address.
 *
 * NOTE(review): $email is interpolated into the SQL text as-is. Nothing in this
 * function escapes or validates it, so it depends on the caller (or on
 * $dbsql->query()) having done so. Confirm, and prefer a bound parameter if the
 * wrapper offers one.
 *
 * @return bool True when at least one row has cEmail equal to $email.
 */
function CheckEmail($email)
{
global $dbsql,$language;

	$matches = $dbsql->query("select iAccountId from tblaccount where cEmail='$email'");

	return $dbsql->num_rows($matches) > 0;
}

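/**
 * Syntactic check of an e-mail address (case-insensitive).
 *
 * The original used eregi(), which was removed in PHP 7.0. The same pattern is
 * applied with preg_match() instead. The end anchor is \z rather than $ so that
 * a trailing newline is rejected: PCRE's $ also matches just before a final
 * "\n", and an address ending in a line break must not pass as valid if it is
 * later placed in a mail header.
 *
 * The pattern only accepts top-level domains of two or three letters, exactly
 * as before.
 *
 * @param mixed $email Candidate address; non-strings are rejected.
 * @return bool True when $email matches the pattern.
 */
function isValidEmail($email){
	if (!is_string($email)) {
		return false;
	}
	return preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})\z/i', $email) === 1;
}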


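/**
 * Authenticate by login name or e-mail and start a cookie-based session.
 *
 * On success a login token is written to the LoginCookie cookie and to
 * tblaccount.cCookie together with iTimeOut. On failure the global
 * $error_function receives the message to display.
 *
 * Changes from the original:
 *  - The stored and computed password hashes are compared as strings with !==.
 *    The loose != treats two digests that both look like "0e<digits>" as equal
 *    numbers. hash_equals() is preferable where PHP >= 5.6 is guaranteed.
 *  - The login token is no longer derived only from the username and a
 *    timestamp, both of which can be guessed. Random bytes are mixed in when a
 *    CSPRNG is available. The token still goes through gpc_Md5(), so its format
 *    is unchanged, and the visible readers (CheckLogin(), Logout()) only compare
 *    the stored value.
 *
 * NOTE(review): $username is interpolated into the SELECT as-is. Nothing in this
 * function escapes it, so it depends on the caller (or on $dbsql->query())
 * having done so. Confirm, and prefer bound parameters if the wrapper offers them.
 * NOTE(review): account status is checked before the password, and each failure
 * has its own message. A caller can therefore learn whether a name exists and
 * whether it is locked or inactive without knowing the password.
 * NOTE(review): confirm that gpc_setCookie() marks the cookie HttpOnly and
 * Secure; the meaning of its fourth argument is not visible here.
 * NOTE(review): Usernameorpasswordnotmatch, Youraccounthaslocked,
 * Youraccountnotactivate, Passwordnotcorect and LoginCookie are bare constants,
 * presumably defined in a config/language file — confirm.
 *
 * @param string $username   Login name or primary e-mail.
 * @param string $password   Clear-text password.
 * @param bool   $rememberme When true the session and cookie are long-lived.
 * @return bool True on success, false otherwise (see $error_function).
 */
function Login($username,$password,$rememberme=false)
{
global $dbsql,$language,$error_function;

	if ( empty($username)||empty($password) )
	{
		$error_function = "Please enter user name and password !!";
		return false;
	}

	//--------------------------------
	$sql_select = "SELECT * FROM tblaccount WHERE  cName = '".$username."' or cEmail='$username'";
	$rs=$dbsql->query($sql_select);
	if ($dbsql->num_rows($rs)==0)
	{
		$error_function = Usernameorpasswordnotmatch;
		return false;
	}

	$result		= $dbsql->fetch_array($rs);
	$pass		= $result["cPassword"];
	$iAccountId	= $result["iAccountId"];
	$status		= $result['iStatus'];

	//--------------------------------
	if($status==-1)
	{
		$error_function = Youraccounthaslocked;
		return false;
	}else if($status==0)
	{
		$error_function = Youraccountnotactivate;
		return false;
	}

	// Strict string comparison: digests must never be compared numerically.
	if ((string)gpc_Md5($password)!==(string)$pass)
	{
		$error_function = Passwordnotcorect;
		return false;
	}

	//======LOGINED============
	if ($rememberme==false)
	{
		$time		= _TIME;
		$timecookie	= 0;
	}else
	{
		$time		= _TIME+(60*60*24*100);
		$timecookie	= $time+(60*60*24*7);
	}

	// Mix unpredictable bytes into the token. If neither source exists the token
	// falls back to the original username+time derivation.
	$nonce = '';
	if (function_exists('random_bytes'))
	{
		$nonce = bin2hex(random_bytes(16));
	}
	else if (function_exists('openssl_random_pseudo_bytes'))
	{
		$nonce = bin2hex((string)openssl_random_pseudo_bytes(16));
	}
	$codelogin	= gpc_Md5($username.$time.$nonce);

	gpc_setCookie(LoginCookie,$codelogin,$timecookie,0);

	$sql_update="update tblaccount set cCookie='$codelogin',iTimeOut='".$time."' where iAccountId='$iAccountId'";
	$dbsql->query($sql_update);

	return true;
}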


/**
 * Resolve the current visitor's account id from the login cookie.
 *
 * A cookie that is empty or shorter than 25 characters is rejected outright.
 * If an id was already resolved during this request ($GLOBALS['loginedid']) it
 * is returned without a query. Otherwise the cookie is looked up among active
 * accounts (iStatus='1') whose iTimeOut is newer than _TIME - TimeOutLogin. On a
 * match, iTimeOut is moved up to _TIME when it is behind, and the id and
 * account info are cached in $GLOBALS.
 *
 * NOTE(review): the cookie value is client-controlled and is interpolated into
 * the SELECT as-is; only its length is checked. Nothing here escapes it, so it
 * depends on gpc_getCookie() or $dbsql having done so. Confirm, and validate the
 * token's character set or bind it as a parameter.
 *
 * @return mixed The iAccountId of the logged-in account, or false.
 */
function CheckLogin()
{
global $dbsql,$language;
	$token=gpc_getCookie(LoginCookie);

	if(empty($token) || strlen($token)<25)
	{
		return false;
	}
	// Already resolved earlier in this request.
	if(isset($GLOBALS['loginedid']))
	{
		return $GLOBALS['loginedid'];
	}

	// Sessions whose iTimeOut is not newer than this are treated as expired.
	$oldestAllowed=_TIME-(intval(TimeOutLogin));
	$sql_select="select iAccountId,iTimeOut from tblaccount where cCookie='".$token."' 
					and iStatus='1' and iTimeOut>".$oldestAllowed;
	$row=$dbsql->query_fetch($sql_select);
	if(!$row)
	{
		return  false;
	}

	// Sliding expiry: bring the stored timestamp up to "now" when it is behind.
	if($row['iTimeOut']<_TIME)
	{
		$dbsql->query("update tblaccount set iTimeOut="._TIME." where iAccountId=".$row['iAccountId']);
	}
	$GLOBALS['loginedid']=$row['iAccountId'];
	$GLOBALS['accountinfo']=getInfoAccount($row['iAccountId']);
	return $row['iAccountId'];
}

/**
 * End the current session: clear the stored token, drop the cookie, redirect.
 *
 * The row whose cCookie equals the client's login cookie has cCookie reset to
 * ''. The cookie is then removed (errors suppressed) and the visitor is sent to
 * $folder_path_root.
 *
 * NOTE(review): the cookie value is client-controlled and is interpolated into
 * the UPDATE's WHERE clause as-is. Nothing here escapes it, so it depends on
 * gpc_getCookie() or $dbsql having done so. Confirm, and validate the token or
 * bind it as a parameter.
 */
function Logout()
{
global $dbsql,$language,$root_domain,$folder_path_root;

	$token=gpc_getCookie(LoginCookie);
	// Invalidate server-side first so the token is dead even if the cookie survives.
	$dbsql->query("update tblaccount set cCookie='' where cCookie='".$token."'",true);

	@gpc_removeCookie(LoginCookie);
	// Back to the site root.
	Redirect($folder_path_root);
}

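/**
 * Load the profile columns of one account and add a derived 'cFullName'.
 *
 * $id is unquoted in the query, so it is forced to an integer first; a
 * non-numeric value can then no longer alter the WHERE clause.
 *
 * When no row is found, the original wrote 'cFullName' onto a non-array result.
 * That yielded an array holding only that key and raised notices. The same
 * shape is now returned explicitly.
 *
 * @param int|string $id iAccountId of the account.
 * @return array The row plus 'cFullName' ("first last", trimmed); or
 *               array('cFullName' => '') when the account does not exist.
 */
function getInfoAccount($id)
{
global $dbsql,$language;
	$id=(int)$id;
	$sql_select="select cName,cFirstName,cLastName,dBirthday,cEmail,cEmail2,cCompany,
			 cAddress,cAddress2,cAddress3,cCity,cState,cZipCode,cCountry,iGender,
			 cMobiPhone,cHomePhone,cWorkPhone,cFax,iStatus,dEntryDate,iGroupId,cInfo
			  from tblaccount where iAccountId=$id";
	$result=$dbsql->query_fetch($sql_select);
	if(!is_array($result))
	{
		// Legacy return shape for "not found".
		return array('cFullName'=>'');
	}
	$result['cFullName']=trim($result['cFirstName'].' '.$result['cLastName']);

	return $result;
}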

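/**
 * Return "first last" (trimmed) for one account.
 *
 * $id is unquoted in the query, so it is forced to an integer first; a
 * non-numeric value can then no longer alter the WHERE clause. A missing
 * account yields '' as before, now without indexing a non-array result.
 *
 * @param int|string $id iAccountId of the account.
 * @return string Full name, or '' when the account does not exist.
 */
function getFullNameByAccountId($id)
{
	global $dbsql,$language;
	$id=(int)$id;
	$sql_select="select cFirstName,cLastName from tblaccount where iAccountId=$id";
	$row=$dbsql->query_fetch($sql_select);
	if(!is_array($row))
	{
		return '';
	}

	return trim($row['cFirstName'].' '.$row['cLastName']);
}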

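/**
 * Remember the referring page in the URLBeforeLogin cookie.
 *
 * The Referer header (fragment stripped) is stored unless it contains the
 * current request URI or the word "login".
 *
 * The Referer header is optional. The original read it unconditionally, which
 * raises an undefined-index warning when a client omits it. A missing header is
 * now treated as '', which is what the original ended up storing.
 *
 * NOTE(review): the Referer is supplied by the client and may point at any
 * site. The cookie is presumably read back after login to redirect the user —
 * confirm. Whatever reads it must accept only same-site paths before
 * redirecting, because the cookie itself is also client-controlled.
 */
function SaveActionBeforeLogin()
{
	$referer= isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
	$urlnow	= isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
	// Drop the #fragment; it is never sent back to the server anyway.
	$referer	= preg_replace('/#.*/',"",$referer);
	if(strpos($referer,$urlnow)===false && stripos($referer,"login")===false)
	{
		gpc_setCookie(URLBeforeLogin,$referer,0,0);
	}
}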

?>